【问题标题】:authentication by [Authorize(Roles = "xxx")] in a razor pages model在剃刀页面模型中通过 [Authorize(Roles = "xxx")] 进行身份验证
【发布时间】:2021-06-11 23:25:07
【问题描述】:

我在我的 Asp.Net Core Razor Pages 应用程序中使用 [Authorize(Roles = "xxx")]。它工作正常,但几分钟后(可能是 5 分钟),当我单击 Crud 中的编辑或创建按钮时,它会退出。我该如何解决这个问题?我猜这个角色的存活时间可能只有 5 分钟(默认时间),但我不知道如何删除或更改它。

这是我的 StartUp 课程:

  public class Startup
    {
        public Startup(IConfiguration configuration)
        {
            Configuration = configuration;
        }

        public IConfiguration Configuration { get; }

        // This method gets called by the runtime. Use this method to add services to the container.
        public void ConfigureServices(IServiceCollection services)
        {
            services.Configure<CookiePolicyOptions>(options =>
            {
                options.CheckConsentNeeded = context => true;
                options.MinimumSameSitePolicy = SameSiteMode.None;
            });

            services.AddDbContext<ApplicationDbContext>(options =>
                           options.UseSqlServer(
                               Configuration.GetConnectionString("DefaultConnection")));
            services.AddDatabaseDeveloperPageExceptionFilter();
            services.AddIdentity<IdentityUser, IdentityRole>()
                .AddDefaultTokenProviders()
                .AddEntityFrameworkStores<ApplicationDbContext>();
            services.AddControllersWithViews();
            services.AddRazorPages().AddRazorRuntimeCompilation();


            services.AddScoped<PagingParameter, PagingParameter>();

            services.AddTransient<IEmailSender, EmailSender>();

            services.AddReCaptcha(Configuration.GetSection("ReCaptcha"));
            services.AddLocalization();
        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
        {
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                app.UseMigrationsEndPoint();
            }
            else
            {
                app.UseExceptionHandler("/Error");
                // The default HSTS value is 30 days. You may want to change this for production scenarios, see https://aka.ms/aspnetcore-hsts.
                app.UseHsts();
            }
            {

                app.UseHttpsRedirection();
                app.UseStaticFiles();

                app.UseRouting();

                app.UseAuthentication();
                app.UseAuthorization();

                app.UseEndpoints(endpoints =>
                {
                    endpoints.MapControllerRoute(
                    name: "default",
                    pattern: "{controller=Home}/{action=Index}/{id?}");
                    endpoints.MapRazorPages();
                });
            }
        }
    }

【问题讨论】:

  • 你能告诉我们你的Startup类吗?
  • 是的,当然。我将其添加到问题中。
  • 我还有这个问题

标签: asp.net asp.net-core authentication razor-pages


【解决方案1】:

尝试更改cookieExpireTimeSpan

services.ConfigureApplicationCookie(options =>
{
    options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
});

您可以参考doc了解更多详情。

【讨论】:

    【解决方案2】:

    您有 2 个选项。正如@mj1313 提到的,您可以使用:

    services.ConfigureApplicationCookie(options =>
    {
        options.SlidingExpiration = true; // instruct the handler to re-issue a new cookie with a new expiration time any time it processes a request which is more than halfway through the expiration window
        options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
    });
    

    还有一个是在登录时通过AuthenticationProperties中的过期时间:

    var props = new AuthenticationProperties {
      IsPersistent = true,
      ExpiresUtc = DateTimeOffset.UtcNow.Add(//put expiration time here)
    };
    

    【讨论】:

      猜你喜欢
      • 2020-04-30
      • 2020-05-22
      • 1970-01-01
      • 2021-11-02
      • 2016-08-27
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多